GLSA-200412-12 : Adobe Acrobat Reader: Buffer overflow vulnerability

This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.

Synopsis :

The remote Gentoo host is missing one or more security-related

Description :

The remote host is affected by the vulnerability described in GLSA-200412-12
(Adobe Acrobat Reader: Buffer overflow vulnerability)

A buffer overflow has been discovered in the email processing of
Adobe Acrobat Reader. This flaw exists in the mailListIsPdf function,
which checks if the input file is an email message containing a PDF

Impact :

A remote attacker could send the victim a specially crafted email
and PDF attachment, which would trigger the buffer overflow and
possibly lead to the execution of arbitrary code with the permissions
of the user running Adobe Acrobat Reader.

Workaround :

There is no known workaround at this time.

See also :

Solution :

All Adobe Acrobat Reader users should upgrade to the latest
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-text/acroread-5.10'

Risk factor :

Critical / CVSS Base Score : 10.0

Family: Gentoo Local Security Checks

Nessus Plugin ID: 15993 (gentoo_GLSA-200412-12.nasl)

Bugtraq ID:

CVE ID: CVE-2004-1152